Skip to main content

Crate zerodds_bridge_security

Crate zerodds_bridge_security 

Source
Expand description

Crate zerodds-bridge-security. Safety classification: STANDARD.

Gemeinsamer Security-Layer für ZeroDDS Bridge-Daemons (ws / mqtt / coap / amqp / grpc / corba).

Spec: ZeroDDS Bridge-Spec 1.0 §7.1 (TLS), §7.2 (Auth-Modes), §7.3 (Topic-ACL).

§Schichten-Position

Layer 5 (Bridges) — Substrat-Crate fuer alle sechs Bridge-Daemons.

§Public API (Stand 1.0.0-rc.1)

§Beispiel

use zerodds_bridge_security::{Acl, AclOp, AuthSubject};

let subj = AuthSubject::new("alice").with_group("publishers");
let acl = Acl::allow_all();
let _allowed = acl.check(&subj, AclOp::Write, "/topics/trade");

Re-exports§

pub use acl::Acl;
pub use acl::AclEntry;
pub use acl::AclOp;
pub use auth::AuthError;
pub use auth::AuthMode;
pub use auth::AuthSubject;
pub use connection::RotatingTlsConfig;
pub use connection::build_client_tls_connector;
pub use connection::parse_server_name;
pub use connection::serve_tls_handshake;
pub use ctx::SecurityConfig;
pub use ctx::SecurityCtx;
pub use ctx::SecurityError;
pub use ctx::authenticate;
pub use ctx::authorize;
pub use ctx::build_ctx;
pub use ctx::extract_mtls_subject;
pub use tls::TlsConfigError;
pub use tls::load_server_config;

Modules§

acl
§7.3 Topic-ACL — Read/Write-Permissions pro Topic mit Wildcard- und Group-Match.
auth
§7.2 Auth-Modes — none|bearer|jwt|mtls|sasl.
connection
Connection-Wireup-Helpers für die sechs Bridge-Daemons.
ctx
Daemon-facing Convenience: SecurityConfig (CLI/YAML-Surface) → SecurityCtx (resolved). Wird von allen sechs Bridge-Daemons identisch verwendet — der Unterschied ist nur der Connection-Pfad, in den der Ctx gehängt wird.
tls
§7.1 TLS — rustls 0.23 ServerConfig-Builder.